Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XWY_SbV-J57UksvK8FMgtn-VdbM.roa
File: XWY_SbV-J57UksvK8FMgtn-VdbM.roa (raw, json)
Hash identifier: I5rRDPxoOwFXBDhVLge9k4ejs5oGsA7EBZjy2CHHWkU=
Subject key identifier: 5D:66:3F:49:B5:7E:27:9E:D4:92:CB:CA:F0:53:20:B6:7F:95:75:B3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222035D0103E90CF93093EEAE6E33D8D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XWY_SbV-J57UksvK8FMgtn-VdbM.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198584
IP address blocks: 185.222.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:35:d0:10:3e:90:cf:93:09:3e:ea:e6:e3:3d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d663f49b57e279ed492cbcaf05320b67f9575b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:84:a8:02:9c:22:95:30:6c:79:72:e8:fb:
75:6c:1c:ed:f5:09:32:76:06:c6:b0:2d:47:89:e5:
ad:5c:7d:f8:66:d0:5e:df:e3:cf:f5:f3:e5:bb:96:
25:ad:81:ec:6a:a0:b3:d4:03:ec:56:54:39:15:9b:
4c:52:7e:d4:8b:d0:6b:6d:60:45:e7:83:cb:e4:f1:
d1:2e:77:15:44:4e:ba:74:37:a3:cc:93:3d:d3:ba:
9d:74:a0:19:db:79:72:f7:82:09:f8:64:48:de:ed:
a2:4e:27:d3:97:e4:e1:15:7d:55:fd:5f:34:25:fc:
da:e9:72:76:93:3e:a9:9d:d4:47:3c:06:4c:5a:fe:
ee:f2:25:b1:0e:d8:0c:e4:4b:b5:5b:7c:9e:74:4e:
ea:3c:2a:c5:1a:de:ac:12:92:37:86:83:2f:86:5e:
82:06:a5:0d:2d:e7:79:12:98:16:c9:bc:56:3e:7f:
99:3a:9d:21:26:b4:69:a2:5e:61:52:28:6d:76:1f:
85:97:4b:68:5c:e3:d3:0f:04:c1:6c:25:4e:bc:99:
bd:db:3e:82:38:76:9a:50:e1:51:8d:f5:dd:10:53:
de:c0:f0:2c:03:42:42:62:d4:e0:6d:f1:7b:07:fd:
aa:e2:4e:5c:0b:b7:13:77:61:f3:f4:f9:5e:fe:28:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:66:3F:49:B5:7E:27:9E:D4:92:CB:CA:F0:53:20:B6:7F:95:75:B3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XWY_SbV-J57UksvK8FMgtn-VdbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.28.0/24
Signature Algorithm: sha256WithRSAEncryption
53:91:ec:4d:4a:26:d8:29:ec:89:d5:8e:11:96:f4:bc:b7:88:
0e:e7:6a:2c:b6:bf:b5:64:a1:8b:32:e5:84:55:b6:52:c9:a0:
97:0f:1b:f5:96:b5:d6:7b:b2:07:88:1a:da:2e:c7:7a:d8:df:
4b:48:92:08:f2:a4:5d:5e:bf:3c:12:d4:75:34:96:e8:3a:09:
52:6d:e0:3b:b7:e5:e2:29:57:02:09:2b:8c:f7:b7:0d:47:9e:
bd:af:28:12:d4:e6:66:52:d3:ab:af:f5:d4:4b:33:ef:bf:6b:
9f:48:b6:43:af:f2:77:0a:02:29:a0:44:8e:bf:86:36:24:58:
6e:11:80:8f:20:48:a0:b5:21:ab:84:08:fa:f2:0c:43:ed:fe:
82:89:64:cc:18:e8:27:18:15:8f:a5:f7:d6:32:81:ce:aa:27:
92:b0:92:fa:ac:43:09:6e:70:ec:bd:b6:eb:78:8f:21:a7:fc:
1e:f4:bb:26:fe:d7:bf:0b:39:86:bb:6c:38:00:a5:01:81:96:
b0:c6:87:11:e3:17:14:91:39:59:c9:d1:58:b2:22:e3:6e:a7:
8e:f5:b8:31:ec:e5:c1:28:59:d7:0c:d8:4a:5d:ac:87:65:83:
22:e1:b0:79:47:99:73:34:42:59:45:43:db:2e:a7:d7:02:82:
8c:60:fe:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDXQED6Qz5MJPurm4z2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY2M2Y0OWI1N2UyNzllZDQ5MmNiY2FmMDUzMjBiNjdmOTU3NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf2EqAKcIpUwbHly6Pt1bBzt9Qky
dgbGsC1HieWtXH34ZtBe3+PP9fPlu5YlrYHsaqCz1APsVlQ5FZtMUn7Ui9BrbWBF
54PL5PHRLncVRE66dDejzJM907qddKAZ23ly94IJ+GRI3u2iTifTl+ThFX1V/V80
Jfza6XJ2kz6pndRHPAZMWv7u8iWxDtgM5Eu1W3yedE7qPCrFGt6sEpI3hoMvhl6C
BqUNLed5EpgWybxWPn+ZOp0hJrRpol5hUihtdh+Fl0toXOPTDwTBbCVOvJm92z6C
OHaaUOFRjfXdEFPewPAsA0JCYtTgbfF7B/2q4k5cC7cTd2Hz9Ple/igRqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1mP0m1fiee1JLLyvBTILZ/lXWzMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWFdZX1NiVi1KNTdVa3N2SzhGTWd0bi1WZGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4cMA0G
CSqGSIb3DQEBCwUAA4IBAQBTkexNSibYKeyJ1Y4RlvS8t4gO52ostr+1ZKGLMuWE
VbZSyaCXDxv1lrXWe7IHiBraLsd62N9LSJII8qRdXr88EtR1NJboOglSbeA7t+Xi
KVcCCSuM97cNR569rygS1OZmUtOrr/XUSzPvv2ufSLZDr/J3CgIpoESOv4Y2JFhu
EYCPIEigtSGrhAj68gxD7f6CiWTMGOgnGBWPpffWMoHOqieSsJL6rEMJbnDsvbbr
eI8hp/we9Lsm/te/CzmGu2w4AKUBgZawxocR4xcUkTlZydFYsiLjbqeO9bgx7OXB
KFnXDNhKXayHZYMi4bB5R5lzNEJZRUPbLqfXAoKMYP7d
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:02:42 2025 by rpki-client